From 26d2f70c59f8c66d7cf1a016b74e3007c0e2c118 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 6 Jul 2020 10:48:16 +0200
Subject: segtree: zap element statement when decomposing interval

Otherwise, interval sets do not display element statement such as
counters.

Fixes: 6d80e0f15492 ("src: support for counter in set definition")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/segtree.c                                         | 16 ++++++++++++++++
 tests/shell/testcases/sets/0051set_interval_counter_0 | 19 +++++++++++++++++++
 .../sets/dumps/0051set_interval_counter_0.nft         | 13 +++++++++++++
 3 files changed, 48 insertions(+)
 create mode 100755 tests/shell/testcases/sets/0051set_interval_counter_0
 create mode 100644 tests/shell/testcases/sets/dumps/0051set_interval_counter_0.nft

diff --git a/src/segtree.c b/src/segtree.c
index b6ca6083..49169e73 100644
--- a/src/segtree.c
+++ b/src/segtree.c
@@ -1027,6 +1027,10 @@ void interval_map_decompose(struct expr *set)
 					tmp->timeout = low->left->timeout;
 				if (low->left->expiration)
 					tmp->expiration = low->left->expiration;
+				if (low->left->stmt) {
+					tmp->stmt = low->left->stmt;
+					low->left->stmt = NULL;
+				}
 
 				tmp = mapping_expr_alloc(&tmp->location, tmp,
 							 expr_clone(low->right));
@@ -1037,6 +1041,10 @@ void interval_map_decompose(struct expr *set)
 					tmp->timeout = low->timeout;
 				if (low->expiration)
 					tmp->expiration = low->expiration;
+				if (low->stmt) {
+					tmp->stmt = low->stmt;
+					low->stmt = NULL;
+				}
 			}
 
 			compound_expr_add(set, tmp);
@@ -1059,6 +1067,10 @@ void interval_map_decompose(struct expr *set)
 					prefix->timeout = low->left->timeout;
 				if (low->left->expiration)
 					prefix->expiration = low->left->expiration;
+				if (low->left->stmt) {
+					prefix->stmt = low->left->stmt;
+					low->left->stmt = NULL;
+				}
 
 				prefix = mapping_expr_alloc(&low->location, prefix,
 							    expr_clone(low->right));
@@ -1069,6 +1081,10 @@ void interval_map_decompose(struct expr *set)
 					prefix->timeout = low->timeout;
 				if (low->expiration)
 					prefix->expiration = low->expiration;
+				if (low->stmt) {
+					prefix->stmt = low->stmt;
+					low->stmt = NULL;
+				}
 			}
 
 			compound_expr_add(set, prefix);
diff --git a/tests/shell/testcases/sets/0051set_interval_counter_0 b/tests/shell/testcases/sets/0051set_interval_counter_0
new file mode 100755
index 00000000..ea90e264
--- /dev/null
+++ b/tests/shell/testcases/sets/0051set_interval_counter_0
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+set -e
+
+EXPECTED="table ip x {
+	set s {
+		type ipv4_addr
+		flags interval
+		counter
+		elements = { 192.168.2.0/24 }
+	}
+
+	chain y {
+		type filter hook output priority filter; policy accept;
+		ip daddr @s
+	}
+}"
+
+$NFT -f - <<< "$EXPECTED"
diff --git a/tests/shell/testcases/sets/dumps/0051set_interval_counter_0.nft b/tests/shell/testcases/sets/dumps/0051set_interval_counter_0.nft
new file mode 100644
index 00000000..fd488a76
--- /dev/null
+++ b/tests/shell/testcases/sets/dumps/0051set_interval_counter_0.nft
@@ -0,0 +1,13 @@
+table ip x {
+	set s {
+		type ipv4_addr
+		flags interval
+		counter
+		elements = { 192.168.2.0/24 counter packets 0 bytes 0 }
+	}
+
+	chain y {
+		type filter hook output priority filter; policy accept;
+		ip daddr @s
+	}
+}
-- 
cgit v1.2.3